NEAS[.]81c2780901b7f68756fd7cddb33919d0[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.81c2780901b7f68756fd7cddb33919d0.exe
Size

232KB
MD5

81c2780901b7f68756fd7cddb33919d0
SHA1

6bbcdfb79899fbbe0bc4da4bd04a910c6c054bbe
SHA256

33dca184648e9700b57f7e1e8ec863ee75f863ec26ece2befbbbbbbb5428a7b1
SHA512

89496fad2e0d458199738225033e291a3d71cd7e989493f801aa2a0b592bb8dad455817c4c9547f4c9104005aca1ea31691aa048f1250aa83ef4ad57837691b5
SSDEEP

3072:T1OSb9t5Z1vPcRUJcaPFiEv8K/OGBrAg7aTyGOKyw4De2x5rpz8l5K:Tww9t9cRU9diE0K/OGBcgSyGOXDpx5yK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.81c2780901b7f68756fd7cddb33919d0.exe

Files

NEAS.81c2780901b7f68756fd7cddb33919d0.exe
.exe windows:4 windows x86

7b3bc51c1c93804f959fb9162f7c5564

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

mixerGetNumDevs
waveOutOpen
mixerGetID
waveOutClose
mixerOpen
mixerGetControlDetailsA
mixerSetControlDetails
mixerGetLineInfoA
mixerGetLineControlsA
mixerClose
PlaySoundA
mciSendStringA
timeGetDevCaps
timeBeginPeriod
timeGetTime
timeEndPeriod

dsound

ord1

ddraw

DirectDrawCreate

kernel32

SetEndOfFile
GetCurrentProcessId
GetLocaleInfoA
QueryPerformanceCounter
QueryPerformanceFrequency
UnmapViewOfFile
CloseHandle
TerminateThread
WaitForSingleObject
SetEvent
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
MapViewOfFile
CreateFileMappingA
GetFileSize
CreateFileA
GetVersionExA
WaitForMultipleObjects
InitializeCriticalSection
CreateThread
CreateEventA
GetTickCount
GetCommandLineA
LoadLibraryA
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
IsBadCodePtr
IsBadReadPtr
VirtualQuery
InterlockedExchange
FlushFileBuffers
SetStdHandle
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetModuleFileNameA
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetCPInfo
GetOEMCP
GetACP
WriteFile
HeapSize
GetCurrentProcess
VirtualProtect
GetSystemInfo
GetModuleHandleA
TerminateProcess
ExitProcess
RtlUnwind
RaiseException
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
GetStartupInfoA
GetProcAddress
GetLastError
ReadFile
SetHandleCount
GetStdHandle
GetFileType
SetFilePointer
TlsAlloc
SetLastError
GetCurrentThreadId
TlsFree
TlsSetValue
TlsGetValue
SetUnhandledExceptionFilter
HeapReAlloc

user32

LoadIconA
LoadCursorA
SetWindowLongA
GetWindowLongA
UpdateWindow
PostQuitMessage
BeginPaint
EndPaint
GetKeyState
GetCursorPos
PeekMessageA
TranslateMessage
DispatchMessageA
MsgWaitForMultipleObjects
ScreenToClient
SendMessageTimeoutA
SetWindowPos
SendMessageA
GetClientRect
RegisterClassExA
CreateWindowExA
ShowWindow
DefWindowProcA
DestroyWindow
MessageBoxA
GetDC
ReleaseDC

gdi32

BitBlt
GetDeviceCaps
SelectObject
CreateDIBSection
GdiFlush
CreateCompatibleDC
CreateSolidBrush
DeleteObject
DeleteDC

shell32

ShellExecuteA

Sections

.text
Size: 192KB - Virtual size: 189KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7b3bc51c1c93804f959fb9162f7c5564

Headers

File Characteristics

Imports

winmm

dsound

ddraw

kernel32

user32

gdi32

shell32

Sections

.text Size: 192KB - Virtual size: 189KB

.rdata Size: 24KB - Virtual size: 20KB

.data Size: 4KB - Virtual size: 10KB

.rsrc Size: 8KB - Virtual size: 4KB

.text
Size: 192KB - Virtual size: 189KB

.rdata
Size: 24KB - Virtual size: 20KB

.data
Size: 4KB - Virtual size: 10KB

.rsrc
Size: 8KB - Virtual size: 4KB